General

  • Target

    e080a287c130ffa1fd75a4c72de0d14e142335b0c8672a351f216bff79dad84d

  • Size

    454KB

  • Sample

    241223-ejw8mavrdz

  • MD5

    e9a35cfdd7204ed6a64f13f710d18c7a

  • SHA1

    d5c166db6c72a5bc04bbb60c2f4e220badffc973

  • SHA256

    e080a287c130ffa1fd75a4c72de0d14e142335b0c8672a351f216bff79dad84d

  • SHA512

    ed17ab6f4eb52524a0a0e6e95d158ca13804a71842ca9960ad0b7f12e094809055456e0488d1674f733b206d5bc66a62403a87b232e16f16c0d16bf7965cb9dd

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbes:q7Tc2NYHUrAwfMp3CDs

Targets

    • Target

      e080a287c130ffa1fd75a4c72de0d14e142335b0c8672a351f216bff79dad84d

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
